Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal

help-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal

From:	Marius Bakke
Subject:	Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project)
Date:	Sun, 12 Jan 2020 00:27:32 +0100
User-agent:	Notmuch/0.29.3 (https://notmuchmail.org) Emacs/26.3 (x86_64-pc-linux-gnu)

Giovanni Biscuolo <address@hidden> writes:

> if I run the last ungoogled-chromium Guix version in my terminal session
> [1] on a Debian 10 server, I get SIGABRT:
>
> --8<---------------cut here---------------start------------->8---
> [14913:14913:0110/113833.689067:FATAL:zygote_host_impl_linux.cc(116)] No 
> usable sandbox! Update your kernel or see 
> https://chromium.9oo91esource.qjz9zk/chromium/src/+/master/docs/linux_suid_sandbox_development.md
>  for more information on developing with the SUID sandbox. If you want to 
> live dangerously and need an immediate workaround, you can try using 
> --no-sandbox.
> #0 0x561fb4b09f09 base::debug::CollectStackTrace()
>
> Received signal 6
> #0 0x561fb4b09f09 base::debug::CollectStackTrace()
>   r8: 0000000000000000  r9: 00007ffc91ca6500 r10: 0000000000000008 r11: 
> 0000000000000246
>  r12: 00007ffc91ca7750 r13: 0000000000000170 r14: 00007ffc91ca7910 r15: 
> 00007ffc91ca6780
>   di: 0000000000000002  si: 00007ffc91ca6500  bp: 00007ffc91ca6740  bx: 
> 0000000000000006
>   dx: 0000000000000000  ax: 0000000000000000  cx: 00007fee29c227fa  sp: 
> 00007ffc91ca6578
>   ip: 00007fee29c227fa efl: 0000000000000246 cgf: 002b000000000033 erf: 
> 0000000000000000
>  trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
> [end of stack trace]
> Calling _exit(1). Core file will not be generated.
> --8<---------------cut here---------------end--------------->8---
>
> If I run ungoogled-chromium with --no-sandbox it works, but I'd like not
> to browse with the sandbox off (I'm going to study how to run my
> browsers in a guix container, but it't not the solution AFAIU)
>
> The same updated version of ungoogled-chromium from Guix on a Debian 10
> laptop does not have this problem, so it's specific to the LTSP
> environment I guess
>
> The chromium binary from Debian 10 on the same LTSP environment does not
> have the same problem, it works
>
> Any suggestion on where to look for problems here, please?

The (ungoogled-) Chromium sandbox relies on user namespaces support in
the kernel.  I guess `guix environment -C` does not work either?

Debian disables user namespaces by default, try this command to enable
it:

 sudo sysctl -w kernel.unprivileged_userns_clone=1

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project), Giovanni Biscuolo, 2020/01/10
- Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project), Marius Bakke <=
  - Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project), Giovanni Biscuolo, 2020/01/13
    - Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project), Marius Bakke, 2020/01/13

Prev by Date: Is this normal? /var/log/messages is ~730 MB
Next by Date: Re: protect generations
Previous by thread: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project)
Next by thread: Re: ungoogled-chromium aborts on foreign distro via LTSP (Linux Terminal Server Project)
Index(es):
- Date
- Thread